5:11 a.m.
I think this has to do with exim trying to send logs?
Should I actually bug-report?
or just use the
audit2allow -M local < /tmp/avcs
Frank
Summary:
SELinux is preventing sendmail (exim_t) "getattr" to pipe
(system_crond_t).
Detailed Description:
SELinux denied access requested by sendmail. It is not expected that
this access
is required by sendmail and this access may signal an intrusion attempt.
It is
also possible that the specific version or configuration of the
application is
causing it to require additional access.
Allowing Access:
You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can
disable
SELinux protection altogether. Disabling SELinux protection is not
recommended.
Please file a bug report
(http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
Additional Information:
Source Context system_u:system_r:exim_t:s0
Target Context system_u:system_r:system_crond_t:s0
Target Objects pipe [ fifo_file ]
Source sendmail
Source Path /usr/sbin/exim
Port <Unknown>
Host frank-01
Source RPM Packages exim-4.69-4.fc9
Target RPM Packages
Policy RPM selinux-policy-3.3.1-69.fc9
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name catchall
Host Name frank-01
Platform Linux frank-01 2.6.25.6-55.fc9.i686 #1 SMP
Tue Jun
10 16:27:49 EDT 2008 i686 i686
Alert Count 3
First Seen Sat 28 Jun 2008 11:01:27 IST
Last Seen Sat 28 Jun 2008 11:01:27 IST
Local ID 675df78e-7627-418a-8d0b-2f9943cd7033
Line Numbers
Raw Audit Messages
host=frank-01 type=AVC msg=audit(1214647287.324:61): avc: denied
{ getattr } for pid=16267 comm="sendmail" path="pipe:[94447]"
dev=pipefs ino=94447 scontext=system_u:system_r:exim_t:s0
tcontext=system_u:system_r:system_crond_t:s0 tclass=fifo_file
host=frank-01 type=SYSCALL msg=audit(1214647287.324:61): arch=40000003
syscall=197 success=no exit=-13 a0=1 a1=bf812f64 a2=981ff4 a3=b805d84c
items=0 ppid=1 pid=16267 auid=4294967295 uid=93 gid=93 euid=93 suid=93
fsuid=93 egid=93 sgid=93 fsgid=93 tty=(none) ses=4294967295
comm="sendmail" exe="/usr/sbin/exim" subj=system_u:system_r:exim_t:s0
key=(null)
7:36 a.m.
New subject: Fedora 9 SELinux is preventing sendmail (exim_t) "getattr" to pipe (system_crond_t)
Frank Murphy wrote:
I think this has to do with exim trying to send logs?
Should I actually bug-report?
or just use the
audit2allow -M local < /tmp/avcs
Frank
Summary:
SELinux is preventing sendmail (exim_t) "getattr" to pipe
(system_crond_t).
Detailed Description:
SELinux denied access requested by sendmail. It is not expected that
this access
is required by sendmail and this access may signal an intrusion attempt.
It is
also possible that the specific version or configuration of the
application is
causing it to require additional access.
Allowing Access:
You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can
disable
SELinux protection altogether. Disabling SELinux protection is not
recommended.
Please file a bug report
(http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
Additional Information:
Source Context system_u:system_r:exim_t:s0
Target Context system_u:system_r:system_crond_t:s0
Target Objects pipe [ fifo_file ]
Source sendmail
Source Path /usr/sbin/exim
Port <Unknown>
Host frank-01
Source RPM Packages exim-4.69-4.fc9
Target RPM Packages
Policy RPM selinux-policy-3.3.1-69.fc9
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name catchall
Host Name frank-01
Platform Linux frank-01 2.6.25.6-55.fc9.i686 #1 SMP
Tue Jun
10 16:27:49 EDT 2008 i686 i686
Alert Count 3
First Seen Sat 28 Jun 2008 11:01:27 IST
Last Seen Sat 28 Jun 2008 11:01:27 IST
Local ID 675df78e-7627-418a-8d0b-2f9943cd7033
Line Numbers
Raw Audit Messages
host=frank-01 type=AVC msg=audit(1214647287.324:61): avc: denied
{ getattr } for pid=16267 comm="sendmail" path="pipe:[94447]"
dev=pipefs ino=94447 scontext=system_u:system_r:exim_t:s0
tcontext=system_u:system_r:system_crond_t:s0 tclass=fifo_file
host=frank-01 type=SYSCALL msg=audit(1214647287.324:61): arch=40000003
syscall=197 success=no exit=-13 a0=1 a1=bf812f64 a2=981ff4 a3=b805d84c
items=0 ppid=1 pid=16267 auid=4294967295 uid=93 gid=93 euid=93 suid=93
fsuid=93 egid=93 sgid=93 fsgid=93 tty=(none) ses=4294967295
comm="sendmail" exe="/usr/sbin/exim"
subj=system_u:system_r:exim_t:s0
key=(null)
--
fedora-selinux-list mailing list
fedora-selinux-list(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
I will update policy to
allow this. Although this probably does not
stop anything from functioning properly.
5772
days inactive
5774
days old
selinux@lists.fedoraproject.org
1 comments
2 participants
participants (2)
-
Daniel J Walsh -
Frank Murphy